RE: IPsec Usage Question

Excerpt of message (sent 1 February 2002) by CAVANNA,VICENTE V (A-Roseville,ex1):

> I am one of those who think an IPSEC
> tunnel to a gateway and then an unsecured path to the storage device is not
> enough security for storage traffic but the reality is that this may be the
> only security available initially.
>
> In fact it is possible that we have nested tunnels and we may be dealing
> with more than two IP addresses.

Nested tunnels is certainly one example. But there are other reasons:

1. You mention a preference for having end to end (rather than gateway to somewhere) security. That's one valid preference. But in general the choice of what is required is driven, among other things, by a threat analysis. Threats differ for different installations; one size does not fit all. There will be plenty of sites where the threat analysis says that a security gateway (protecting traffic going beyond a security boundary) is the correct solution.

2. One reason why practical IPsec installations show a preference for security gateways is that it reduces the number of places where security must be managed. Security management is one of the hardest management jobs. (This is one of the serious problems with mandating security everywhere!) So network administrators generally put a security gateway in a suitable spot, and lavish a lot of attention on configuring that correctly and carefully. The resulting secure channel then protects lots of other nodes at little or no extra cost.

paul
Last updated: Sun Feb 03 18:18:03 2002